Add PasswordResetRequestDto for password reset functionality and update resetPassword method

devondragon · devondragon · commit 1336559b1418 · 2025-09-01T22:26:01.000-06:00
diff --git a/src/main/java/com/digitalsanctuary/spring/user/api/UserAPI.java b/src/main/java/com/digitalsanctuary/spring/user/api/UserAPI.java
@@ -16,6 +16,7 @@
 import org.springframework.web.bind.annotation.RestController;
 import com.digitalsanctuary.spring.user.audit.AuditEvent;
 import com.digitalsanctuary.spring.user.dto.PasswordDto;
+import com.digitalsanctuary.spring.user.dto.PasswordResetRequestDto;
 import com.digitalsanctuary.spring.user.dto.UserDto;
 import com.digitalsanctuary.spring.user.event.OnRegistrationCompleteEvent;
 import com.digitalsanctuary.spring.user.exceptions.InvalidOldPasswordException;
@@ -133,13 +134,13 @@ public ResponseEntity<JSONResponse> updateUserAccount(@AuthenticationPrincipal D
 	 * This is used when the user has forgotten their password and wants to reset their password. This will send an email to the user with a link to
 	 * reset their password.
 	 *
-	 * @param userDto the user data transfer object containing user details
+	 * @param passwordResetRequest the password reset request containing the email address
 	 * @param request the HTTP servlet request
 	 * @return a ResponseEntity containing a JSONResponse with the password reset email send result
 	 */
 	@PostMapping("/resetPassword")
-	public ResponseEntity<JSONResponse> resetPassword(@Valid @RequestBody UserDto userDto, HttpServletRequest request) {
-		User user = userService.findUserByEmail(userDto.getEmail());
+	public ResponseEntity<JSONResponse> resetPassword(@Valid @RequestBody PasswordResetRequestDto passwordResetRequest, HttpServletRequest request) {
+		User user = userService.findUserByEmail(passwordResetRequest.getEmail());
 		if (user != null) {
 			userEmailService.sendForgotPasswordVerificationEmail(user, UserUtils.getAppUrl(request));
 			logAuditEvent("Reset Password", "Success", "Password reset email sent", user, request);
diff --git a/src/main/java/com/digitalsanctuary/spring/user/dto/PasswordResetRequestDto.java b/src/main/java/com/digitalsanctuary/spring/user/dto/PasswordResetRequestDto.java
@@ -0,0 +1,19 @@
+package com.digitalsanctuary.spring.user.dto;
+
+import jakarta.validation.constraints.Email;
+import jakarta.validation.constraints.NotBlank;
+import jakarta.validation.constraints.Size;
+import lombok.Data;
+
+/**
+ * DTO for password reset requests. Contains only the email field needed for initiating a password reset.
+ */
+@Data
+public class PasswordResetRequestDto {
+    
+    /** The email address for password reset */
+    @NotBlank(message = "Email is required")
+    @Email(message = "Please provide a valid email address")
+    @Size(max = 100, message = "Email must not exceed 100 characters")
+    private String email;
+}
